initializeSelfServiceLoginFlowForBrowsers method

Future<Response<SelfServiceLoginFlow>> initializeSelfServiceLoginFlowForBrowsers({
  1. bool? refresh,
  2. String? aal,
  3. String? returnTo,
  4. CancelToken? cancelToken,
  5. Map<String, dynamic>? headers,
  6. Map<String, dynamic>? extra,
  7. ValidateStatus? validateStatus,
  8. ProgressCallback? onSendProgress,
  9. ProgressCallback? onReceiveProgress,
})

Initialize Login Flow for Browsers This endpoint initializes a browser-based user login flow. This endpoint will set the appropriate cookies and anti-CSRF measures required for browser-based flows. If this endpoint is opened as a link in the browser, it will be redirected to `selfservice.flows.login.ui_url` with the flow ID set as the query parameter `?flow=`. If a valid user session exists already, the browser will be redirected to `urls.default_redirect_url` unless the query parameter `?refresh=true` was set. If this endpoint is called via an AJAX request, the response contains the flow without a redirect. In the case of an error, the `error.id` of the JSON response body can be one of: `session_already_available`: The user is already signed in. `session_aal1_required`: Multi-factor auth (e.g. 2fa) was requested but the user has no session yet. `security_csrf_violation`: Unable to fetch the flow because a CSRF violation occurred. `security_identity_mismatch`: The requested `?return_to` address is not allowed to be used. Adjust this in the configuration! This endpoint is NOT INTENDED for clients that do not have a browser (Chrome, Firefox, ...) as cookies are needed. More information can be found at Ory Kratos User Login and User Registration Documentation.

Parameters:

  • refresh - Refresh a login session If set to true, this will refresh an existing login session by asking the user to sign in again. This will reset the authenticated_at time of the session.
  • aal - Request a Specific AuthenticationMethod Assurance Level Use this parameter to upgrade an existing session's authenticator assurance level (AAL). This allows you to ask for multi-factor authentication. When an identity sign in using e.g. username+password, the AAL is 1. If you wish to "upgrade" the session's security by asking the user to perform TOTP / WebAuth/ ... you would set this to "aal2".
  • returnTo - The URL to return the browser to after the flow was completed.
  • cancelToken - A CancelToken that can be used to cancel the operation
  • headers - Can be used to add additional headers to the request
  • extras - Can be used to add flags to the request
  • validateStatus - A ValidateStatus callback that can be used to determine request success based on the HTTP status of the response
  • onSendProgress - A ProgressCallback that can be used to get the send progress
  • onReceiveProgress - A ProgressCallback that can be used to get the receive progress

Returns a Future containing a Response with a SelfServiceLoginFlow as data Throws DioError if API call or serialization fails

Implementation

Future<Response<SelfServiceLoginFlow>> initializeSelfServiceLoginFlowForBrowsers({
  bool? refresh,
  String? aal,
  String? returnTo,
  CancelToken? cancelToken,
  Map<String, dynamic>? headers,
  Map<String, dynamic>? extra,
  ValidateStatus? validateStatus,
  ProgressCallback? onSendProgress,
  ProgressCallback? onReceiveProgress,
}) async {
  final _path = r'/self-service/login/browser';
  final _options = Options(
    method: r'GET',
    headers: <String, dynamic>{
      ...?headers,
    },
    extra: <String, dynamic>{
      'secure': <Map<String, String>>[],
      ...?extra,
    },
    validateStatus: validateStatus,
  );

  final _queryParameters = <String, dynamic>{
    if (refresh != null) r'refresh': encodeQueryParameter(_serializers, refresh, const FullType(bool)),
    if (aal != null) r'aal': encodeQueryParameter(_serializers, aal, const FullType(String)),
    if (returnTo != null) r'return_to': encodeQueryParameter(_serializers, returnTo, const FullType(String)),
  };

  final _response = await _dio.request<Object>(
    _path,
    options: _options,
    queryParameters: _queryParameters,
    cancelToken: cancelToken,
    onSendProgress: onSendProgress,
    onReceiveProgress: onReceiveProgress,
  );

  SelfServiceLoginFlow _responseData;

  try {
    const _responseType = FullType(SelfServiceLoginFlow);
    _responseData = _serializers.deserialize(
      _response.data!,
      specifiedType: _responseType,
    ) as SelfServiceLoginFlow;

  } catch (error, stackTrace) {
    throw DioError(
      requestOptions: _response.requestOptions,
      response: _response,
      type: DioErrorType.other,
      error: error,
    )..stackTrace = stackTrace;
  }

  return Response<SelfServiceLoginFlow>(
    data: _responseData,
    headers: _response.headers,
    isRedirect: _response.isRedirect,
    requestOptions: _response.requestOptions,
    redirects: _response.redirects,
    statusCode: _response.statusCode,
    statusMessage: _response.statusMessage,
    extra: _response.extra,
  );
}